2 matches found
CVE-2008-3433
SpeedBit Download Accelerator Plus DAP before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...
CVE-2008-3433
CVE-2008-3433 affects SpeedBit Download Accelerator Plus (DAP) prior to 8.6.3.9. The issue is that DAP does not properly verify update authenticity, enabling a man-in-the-middle to substitute a Trojan-horse update and allow arbitrary code execution. The vulnerability is demonstrated by references...